On Tue, Jan 10, 2006 at 05:39:06PM +0100, DrumFire wrote: | bugreport number 137: | | http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=137 | | is not yet close. If you have access on a OpenBSD system, | you can hangup it using this command: | | while true; do grep pippo /dev/zero & done | | Why, this bug is yet open? Everyone can crash my OpenBSD server, | if have a simple shell. There's some sysctl to modidy, to avoid | this problem?
Funny you should mention that - I tried that just two hours ago in a discussion with a coworker. It doesn't crash my system. It becomes pretty slow after spawning 83 processes because it's eating memory (and swap) like cake. Swapping is what makes the system go slow. After I log in as root and kill the shell that started all this nonsense, I can continue working as normal. To prevent your users from doing this, tell them not to. This can be somewhat enforced by putting your users in a separate loginclass which has a limited amount of memory and processes available. Read up on login.conf(5). Cheers, Paul 'WEiRD' de Weerd -- >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+ +++++++++++>-]<.>++[<------------>-]<+.--------------.[-] http://www.weirdnet.nl/ [demime 1.01d removed an attachment of type application/pgp-signature]